private void check(HttpServletRequest request, HttpServletResponse response) {
boolean authorizedIP = false;
String remoteIP = request.getRemoteAddr();
if (allIPsAuth) {
authorizedIP = true;
} else {
for (final String ip : authIPs) {
if (remoteIP.equals(ip)) {
authorizedIP = true;
}
}
}
if (authorizedIP) {
final SameRequestRateLimiter<String>.Result result = rateLimiter.getResult();
if (result.isFirst()) {
try {
result.setValue(healthcheck.checkHealth(request));
} catch (Throwable t) {
result.setError(t);
}
} else if (log.isDebugEnabled()) {
log.debug(
"Re-using health check answer from first concurrent request for this request to conserve server load.");
}
healthresponse.respond(result.getValue(), response);
} else {
if ((remoteIP == null) || (remoteIP.length() > 100)) {
remoteIP = "unknown";
}
try {
response.sendError(
HttpServletResponse.SC_UNAUTHORIZED,
"ERROR : Healthcheck request recieved from an non authorized IP: " + remoteIP);
} catch (IOException e) {
log.error("ERROR : Problems generating unauthorized http response.");
}
log.error("Healthcheck request recieved from an non authorized IP: " + remoteIP);
}
}
/**
* Servlet init
*
* @param config servlet configuration
* @throws ServletException on error
*/
public void init(ServletConfig config) throws ServletException {
super.init(config);
try {
// Install BouncyCastle provider
SignServerUtil.installBCProvider();
String authIPString = config.getInitParameter("AuthorizedIPs");
if (authIPString != null) {
authIPs = authIPString.split(";");
}
if (Arrays.asList(authIPs).contains("ANY")) {
log.info("All IP addresses authorized");
allIPsAuth = true;
}
healthcheck =
(IHealthCheck)
HealthCheckServlet.class
.getClassLoader()
.loadClass(config.getInitParameter("HealthCheckClassPath"))
.newInstance();
healthcheck.init(config, em);
healthresponse =
(IHealthResponse)
HealthCheckServlet.class
.getClassLoader()
.loadClass(config.getInitParameter("HealthResponseClassPath"))
.newInstance();
healthresponse.init(config);
} catch (Exception e) {
throw new ServletException(e);
}
}